Privacy Policy
Effective Date: March 1, 2024 Last Updated: January 25, 2024
1. Introduction
HIPAA Secure Now. (“HSN,” “we,” “us,” or “our”) oversees this website hipaasecurenow.com (collectively, the “Site”) and related services (collectively, our “Services”). We have developed this Privacy Policy to inform our users (“user(s),” “you,” or “your”) about how we collect information in the course of providing our Services and conducting our business, how we use the collected information, and your rights with respect to any information we collect. For clarity, this Privacy Policy is only applicable to our Site and Services, and not to any other website that you may be able to access therefrom, each of which may have different data collection and use practices. Please consult the policies of those websites to understand your data privacy rights on those websites. We ask that you read this Privacy Policy carefully. If you do not agree to be bound by this Privacy Policy, then do not access or use the Site. By accessing and/or using the Services, you accept and agree to be bound by this Privacy Policy. This Privacy Policy is incorporated into our Terms of Service Terms of Service | HIPAA Secure Now! – HIPAA Secure Now! Your use of our Services and any Personal Information you provide through the Services are subject to this Privacy Policy at all times. If you have any questions about this Privacy Policy, please contact us at [email protected] or at the contact information below Contact Our Customer Support Representatives – HIPAA Secure Now!.
2. Information We Collect
When you use the Services, we collect the following types of Information:
A. Non-Personal Information
“Non-Personal Information” means information that does not directly, personally identify you, but provides insights regarding your use of the Site. For example, we collect information about your use of the Site, including but not limited to your IP address, online behavior, Internet connections, mobile, or other device computer equipment, sites or other destinations visited before and after using or accessing the Services, date/time stamps, the time of your visits, content viewed, and other similar information about traffic and usage, as you navigate to, through, and away from our Site, including other clickstream data.
B. Personal Information
“Personal Information” means information that may identify, relate to, describe, or that could be linked or associated with, you or your household. Personal Information that we collect through the Services may include, but is not limited to, your first and last name(s), email, employer, phone number, job function, IT service provider and any other information you provide to us. In addition, if you choose to process a payment on or through features on the Service(s), you may be required to provide your Personal Information to third parties for services such as credit card or other payment processing, order fulfillment, credit pre-authorization, and address verification. In such cases, the information may be used by us and by such third party(ies), each pursuant to its own policies. You agree that we are not responsible for third parties’ processing of your information. In some jurisdictions, such as certain states within the United States, an IP address may be considered Non-Personal Information. In other jurisdictions, such as in the European Economic Area (the “EEA”), an IP address is considered Personal Information under applicable data protection laws. If this is the case, we process IP addresses for the same purposes as Personal Information under this Privacy Policy. You may be given the option to receive push notifications while using our Services. In order to serve push notifications, we may need to collect a persistent identifier from your device. You can turn off push notifications in your device settings. Personal Information and Non-Personal Information are collectively referenced as “Information.”
3. Where/How We Collect Information
We collect Personal Information and Non-Personal Information about you from a number of sources, as described in greater detail below.
A. From You
When you register, or an administrator at your place of employment registers on your behalf, to use our Services, or you complete online forms or surveys, request to receive information or support, or communicate with us or our representatives, whether through standard mail, email, or telephone, you may provide your information to us.
B. From Third-Parties
We may obtain Information, including Personal Information, from third-parties and sources other than the Services, such as our advertisers, data partners, service providers, and parties we contract with to provide the Site or the Services to you. If we combine or associate information from other sources with Personal Information that we collect through the Services, we will treat the combined information as Personal Information in accordance with this Privacy Policy.
C. Cookies and Other Technology
We also use “cookies” to enhance your use of our Services. A cookie is information either temporarily or permanently stored in a file on your computer. You can set your browser to reject cookies, but that may limit your use of some convenient features of our Service(s). For more information on cookies and how our Services use cookies, please see our Cookie Policy.
4. How We Use Information
We use Non-Personal Information collected by cookies, web beacons, and other Internet tracking technology to store your preferences, improve website navigation, make personalized features and other services available to you, to generate statistical information, monitor and analyze user traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, to improve the our content and the products, services, materials, and other content that we describe or make available through the Services, and otherwise help administer and improve the Services. We may identify you from your Personal Information and merge or co-mingle Personal Information and Non-Personal Information1.2 Except as otherwise stated, we may use Information we collect from you for the legitimate business purpose of providing our Services to you, including, but not limited to the following:
- To fulfill or meet the reason you provided the Personal Information. For example, if you share your name and contact information to ask a question about our Services, we will use that Personal Information to respond to your inquiry.
- To establish and secure accounts to use the Services, check on your account status, and to validate your username, e-mail, password, and/or other login credentials.
- To provide, support, personalize, and develop our Services, including without limitation, to conduct aggregate or research analysis and develop business intelligence that helps us to enhance, improve, evaluate, operate, protect, make informed decisions about, and report on the performance of our Services.
- To communicate information and promotional materials to you, where you have not expressed a preference otherwise, and to send you information and updates about the Services and any changes to relevant agreements, policies, or other terms, and to enforce such terms.
- To work with our service providers, who perform certain business functions or services on our behalf and who are bound by contractual obligations consistent with this Privacy Policy.
- To prevent or investigate fraud, or for risk management purposes, and to help maintain the safety, security, and integrity of our Services, databases and other technology assets, and business.
- To comply with legal obligations, court orders, or in order to exercise any legal claim or to defend against any legal claim.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our consumers is among the assets transferred.
- As otherwise described to you when collecting your Personal Information.
In addition, we may use third‐party e‐mail providers to deliver communications to you. If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications through the “unsubscribe” link or by contacting us Contact Our Customer Support Representatives – HIPAA Secure Now!. We may, from time to time, invite you to participate in online surveys. The information requested in these surveys may include, but is not limited to, your opinions, insights, ideas, activities, experiences, events, and Services. The information collected by these surveys is used to improve customer experience and shape development of our products and Services.
5. How We Share Information
We do not sell or rent your Personal Information to marketers or unaffiliated third-parties. We may share your Personal Information with the following parties:
- Corporate affiliates, including corporate parents, subsidiaries, other affiliated entities, and associated entities, which are required to treat the information in accordance with this Privacy Policy and to use the information only for the purposes described in this Privacy Policy;
- Service providers that help us administer and provide the Services (for example, a web hosting company whose services we use to host our platform). These third-party services providers have access to your Personal Information only for the purpose of performing services on our behalf. We have entered into contractual relationships with these service providers and require them to comply with all applicable information privacy laws and regulations and to use the Information only for the purposes for which it was disclosed. We require that any third-party service providers limit their use of your Information solely to providing services to us and that they maintain the confidentiality, security, and integrity of your Information and not make unauthorized use or disclosure of the Information. A list of these third parties is available upon request;
- Authorized third parties, who are parties directly authorized by you to receive the applicable Information, such as when you authorize a third-party application provider to administer or access your account. The use of your Information by an authorized third party is subject to the third-party’s privacy policy, and we are not responsible for any misuse by them of your Information;
- Third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), in which case we will require the recipient to use such information in accordance with this Privacy Policy;
- As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g. name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment; and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence; and
- Pursuant to your express consent
6. Information Security
We take reasonable steps online and offline to safeguard the Personal Information that you provide to us, including: Data encryption on both in transport via HTTPS and at rest using AES-256 encryption within our cloud based data center. While we endeavor to protect your Information, it is common knowledge that transmission of information via the internet is not wholly secure, and we cannot guarantee the security of your Personal Information, or any other information, transmitted to or through our Site or Services. Any transmission of Personal Information, or other information, is at your own risk. By using our Site and/or Service, you acknowledge and accept these risks. If you have any questions about security on our Services, or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately via email at [email protected]. If our security system is breached, we will notify you of the breach to the extent required under applicable law.
7. Information Retention
We retain the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our products and services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
8. Additional Information for California Residents
California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. We do not disclose personal information to third parties for direct marketing purposes but requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to [email protected].
9. Additional Information for EEA Residents EEA residents whose Personal Information we have collected (“Data Subjects”) may have additional rights respecting their Personal Information, including rights to specific disclosures and rights to control their Personal Information. Please see below for more information.
A. Legal Bases for Processing Your Information
We process your Personal Information for the purposes set forth in Section 4, above, on the bases further described below.
- For Legitimate Interests. We may use your Personal Information for the legitimate business purpose of providing our Services to you. For example, we use your Personal Information to administer the Services, help diagnose problems with our Services and provide support, to communicate information to you, to improve our Services and customize our Services to your preferences, to work with our service providers, to show you content and sponsored messaging, to prevent or investigate fraud or to comply with legal obligations, and for other purposes identified to you and as requested by you.
- Performance of a Contract. If you have agreed to our terms of use, or other terms of service, and you have created an account, signed up for a subscription, or entered into a contest or sweepstakes, we or our service providers may also use your information to establish your account to use the Services, validate your account credentials, respond to your requests, provide you with merchandise or services you have requested, notify you of contest or sweepstakes results, and to notify you of any changes to relevant agreements or policies.
- Consent. If we have obtained your consent, we may also share your information with our corporate parents, subsidiaries, other affiliated entities, and associated entities for the purposes described in this Privacy Policy or use and use your Personal Information to process any request or transaction you make, send email and postal mail to provide you with updates and news, and to otherwise process your Personal Information and Non-Personal Information as described throughout this Privacy Policy and as consented to by you.
B. Your Choices, Access, and Rights to Your Personal Information
Data Subjects may have the following rights and options with regard to accessing, reviewing, correcting, and updating their Personal Information:
- Right to Access. We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your Personal Information.
- How to Access Your Personally Identifiable Information. You may choose to access or update Personal Information, by logging into the account you have created with our Service(s), if applicable.
- Access to Personal Information. You may choose to access your Personal Information by contacting us and requesting access, a process which shall include our identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a fee for providing you with a copy of your data (except where this is not permissible under local law).
- Updating Communications Preferences (Opt-Out) and Unsubscribing. You may choose to receive promotional offers, newsletters, and similar communications from us regarding our products and services and the products and services of our affiliated organizations. You may opt out of receiving such communications from us by communicating your preferences to us at [email protected] or in the case of e-mails, by following the unsubscribe instructions contained in the applicable e-mail.
- Right to Rectify — Correction and Deletion. Citizens of some jurisdictions, including the EEA, have the right to correct or amend their Personal Information if it is inaccurate or requires updating. You may also have the right to request deletion of your Personal Information; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by contacting us at [email protected].
- Right to Erasure / Be Forgotten. Data Subjects may have the right to request that we delete your Personal Information in certain circumstances, such as if holding the Personal Information is no longer necessary or if part of your Right to Object (below). Please note that if you request erasure of your account, we, in complying with your request, shall also delete any and all research data that has been submitted to us through our Services. It is your responsibility at all times to ensure that you are in compliance with all applicable rules, policies, and regulations at the institutional, administrative, and federal levels regarding retention of research data, including, but not limited to, United States regulations governing retention and disposal of research records.
- Right to Object. Data Subjects may have the right to object to the use of Personal Information for direct marketing uses, scientific uses, or historical research. If you do not wish to have your Personal Information shared with third parties, contact our Data Protection Officer as described at the end of this document. If you do not wish to receive future commercial messages from us, simply follow the unsubscribe instructions contained within the message you receive. (But note that you may continue to receive certain communications from us, such as transactional or relationship messages, and/or messages about your account/profile).
- Right to Restrict Processing. Citizens of some jurisdictions, including the EEA, have the right to request that we stop processing their Personal Information.
- Right to Data Portability. A Data Subject has the right to request that we provide your Personal Information for the purpose of sharing it with another service provider (through a secure process).
- Filing a Complaint. A Data Subject who is not satisfied with how we manage your Personal Information has the right to make a complaint to a data protection regulator. A list of National Data Protection Authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
C. Geographic Information Transfers
If you are located outside of the United States, please be aware that your Information will be transferred to, processed, and stored in the United States, where it will be treated in accordance with this Privacy Policy and applicable privacy laws in the United States and the EU. These laws may be different from the privacy laws in your country and with regard to which an adequacy decision by the European Commission does not exist. However, this does not change our commitment to safeguarding your privacy, and we will comply with all applicable laws relating to cross-border data disclosure of your Personal Information. Where required, we implement Standard Contractual Clauses with our third parties pursuant to the requirements of the General Data Protection Regulation (EU) 2016/679 (the “GDPR”), and you may request a copy of the Standard Contractual Clauses by emailing us at [email protected]. Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before disclosing any Personal Information. If you have an inquiry regarding your Personal Information, pursuant to the rights listed in the preceding section (above), please send your message to the following: HIPAA Secure Now Attention: Website Inquiry E-mail: [email protected]
10. Links to Third Party Sites
The Site may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. Such links do not constitute an endorsement by us of those other websites, their content or services, or the persons or entities associated with those websites. This Privacy Policy does not apply to third-party websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies and terms of all third-party websites or services that you may visit.
11. Children’s Privacy
We do not sell products or services for purchase by anyone under the age of thirteen (13). In accordance with the Children’s Online Privacy Protection Act (“COPPA”), we will never knowingly request or solicit Personal Information from anyone under the age of thirteen (13) without verifiable parental consent. In the event that we receive actual knowledge that we have collected such Personal Information without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Service(s).
12. Changes in the Privacy Policy
We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on our Site. Please refer to this Privacy Policy regularly. If at any time we decide to use Personal Information in a manner different from that stated at the time it was collected, we will notify you either on the panel home page of our Site or via e-mail.
13. How to Contact Us
Because protecting your privacy is important to us, you may always submit concerns regarding our Privacy Policy on the contact us page. We will attempt to respond to all reasonable concerns and inquiries expeditiously. If you have any questions or comments about our Privacy Policy, please contact us at:
- By e-mail: [email protected]
- By telephone: 877-275-4545
- By regular mail: HIPAA Secure Now Attn: Website Inquiry 55 Madison Ave. Suite 400 Morristown NJ, 07960